diff --git a/app/config/oro.yml b/app/config/oro.yml index 5c6d376..7a55f68 100644 --- a/app/config/oro.yml +++ b/app/config/oro.yml @@ -62,7 +62,7 @@ stof_doctrine_extensions: tree: true escape_wsse_authentication: - authentication_provider_class: Oro\Bundle\UserBundle\Security\WsseAuthProvider + authentication_provider_class: HotfixBundle\Security\Core\Authentication\Provider\WsseProvider # Oro\Bundle\UserBundle\Security\WsseAuthProvider authentication_listener_class: Oro\Bundle\UserBundle\Security\WsseAuthListener genemu_form: diff --git a/src/HotfixBundle/DependencyInjection/Compiler/WssePass.php b/src/HotfixBundle/DependencyInjection/Compiler/WssePass.php new file mode 100644 index 0000000..669062f --- /dev/null +++ b/src/HotfixBundle/DependencyInjection/Compiler/WssePass.php @@ -0,0 +1,20 @@ +hasDefinition('escape_wsse_authentication.provider')) { + $definition = $container->getDefinition('escape_wsse_authentication.provider'); + $definition->addMethodCall('setClockSkew', ['%hotfix.wsse.clock_skew%']); + } + } +} diff --git a/src/HotfixBundle/DependencyInjection/Configuration.php b/src/HotfixBundle/DependencyInjection/Configuration.php new file mode 100644 index 0000000..34eca2e --- /dev/null +++ b/src/HotfixBundle/DependencyInjection/Configuration.php @@ -0,0 +1,44 @@ +root('hotfix'); + + $this->addWsse($rootNode); + + return $treeBuilder; + } + + /** + * @param ArrayNodeDefinition $rootNode + */ + private function addWsse(ArrayNodeDefinition $rootNode) + { + $rootNode + ->children() + ->arrayNode('wsse') + ->addDefaultsIfNotSet() + ->children() + ->integerNode('clock_skew') + ->cannotBeEmpty() + ->defaultValue(0) + ->info('An amount of seconds to tolerate differences between client and server') + ->end() + ->end() + ->end() + ->end() + ; + } +} diff --git a/src/HotfixBundle/DependencyInjection/HotfixExtension.php b/src/HotfixBundle/DependencyInjection/HotfixExtension.php index 875e83b..aa346fe 100644 
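Review bot: The `setClockSkew` call is added to `escape_wsse_authentication.provider` without checking that the configured provider class has that method, and when the definition is absent the skew setting is dropped silently. On this page only `HotfixBundle\Security\Core\Authentication\Provider\WsseProvider` defines `setClockSkew`, so the pass depends on the `authentication_provider_class` override in `app/config/oro.yml` staying in place. I would state that above the `hasDefinition` check, e.g. `// Needs authentication_provider_class = HotfixBundle WsseProvider; other providers have no setClockSkew().` The start of this new file (namespace, class line and the `process` signature) is missing from the page, so this covers only the visible body.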
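Review bot: `clock_skew` has no bounds in `addWsse`: `integerNode('clock_skew')` accepts negative values and arbitrarily large ones, and a large value effectively switches off the future-timestamp check it feeds in `WsseProvider::isTokenFromFuture`. Add `->min(0)` and a ceiling via `->max(...)` chosen for the deployment, and have the `info()` text say that the value widens the accepted Created window. `cannotBeEmpty()` next to `defaultValue(0)` is also worth re-checking, since depending on the Symfony version an explicit `clock_skew: 0` may be treated as empty; that is an assumption to confirm against the version in use.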
--- a/src/HotfixBundle/DependencyInjection/HotfixExtension.php +++ b/src/HotfixBundle/DependencyInjection/HotfixExtension.php @@ -14,7 +14,12 @@ class HotfixExtension extends Extension */ public function load(array $configs, ContainerBuilder $container) { + $configuration = new Configuration(); + $config = $this->processConfiguration($configuration, $configs); + $loader = new YamlFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config')); $loader->load('services.yml'); + + $container->setParameter('hotfix.wsse.clock_skew', $config['wsse']['clock_skew']); } } diff --git a/src/HotfixBundle/HotfixBundle.php b/src/HotfixBundle/HotfixBundle.php index 66e3a26..bfaa651 100644 --- a/src/HotfixBundle/HotfixBundle.php +++ b/src/HotfixBundle/HotfixBundle.php @@ -3,6 +3,7 @@ namespace HotfixBundle; use HotfixBundle\DependencyInjection\Compiler\ViewListenerPriorityPass; +use HotfixBundle\DependencyInjection\Compiler\WssePass; use Symfony\Component\DependencyInjection\ContainerBuilder; use Symfony\Component\HttpKernel\Bundle\Bundle; @@ -14,6 +15,8 @@ class HotfixBundle extends Bundle public function build(ContainerBuilder $container) { parent::build($container); + $container->addCompilerPass(new ViewListenerPriorityPass()); + $container->addCompilerPass(new WssePass()); } } diff --git a/src/HotfixBundle/Security/Core/Authentication/Provider/WsseProvider.php b/src/HotfixBundle/Security/Core/Authentication/Provider/WsseProvider.php new file mode 100644 index 0000000..339bd09 --- /dev/null +++ b/src/HotfixBundle/Security/Core/Authentication/Provider/WsseProvider.php @@ -0,0 +1,26 @@ +$clockSkew = $clockSkew; + } + + protected function isTokenFromFuture($created) + { + return strtotime($created) - $this->clockSkew > strtotime($this->getCurrentTime()); + } +}
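Review bot: Subtracting `clockSkew` in `isTokenFromFuture` accepts tokens whose Created is up to that many seconds ahead of the server, and if the parent's expiry check counts from Created (the parent class is not visible on this page) such a token stays valid for lifetime plus skew. Nonce retention has to cover the same span, otherwise a nonce can be forgotten while its token still passes; a comment such as `// Created may be up to $clockSkew s ahead; nonce retention must cover lifetime + clockSkew` belongs on the method. `setClockSkew` also stores whatever it is given, so I would normalise it with `$this->clockSkew = max(0, (int) $clockSkew);`. Separately, `strtotime($created)` yields `false` for an unparseable value and the comparison is then false, so the method relies on Created being format-checked before it is called.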